6/5/2023 0 Comments Zenmap subnet scanThe seed devices are, by default, at Scan Depth 1. The Scan Depth numbers indicate the levels of the network you want to scan. Specify the Scan Depth by selecting the desired number from 1 to 5. This option runs the network scan once, either immediately if no start time is specified, or at the time specified by the Start Time of Scan parameter. Specify the frequency of the network scan: Separate multiple device IP addresses with commas. If one scan configuration has multiple seed devices, all the seed devices are forwarded to one node.Įnter the IP addresses of one or more seed devices from which the network scan should proceed. Each scan configuration added is distributed by the master to a different node in the zone. NOTE: The primary master server in the zone forwards the scan request to the other ClearPass nodes in the zone, depending on the seed device. If ClearPass Zones have not yet been set up, accept the default zone. Specify the ClearPass Zone (for more information, see Managing Policy Manager Zones). The master ClearPass server in a zone distributes the load among other ClearPass nodes in the zone. NOTE: For scan operations to be operable, the Master Server in Zone parameter must be configured. Table 1: Configuring Network Scan Parameters Specify the Schedule Scan parameters as described in the following table: Navigate to Configuration > Network Scan. It is recommended that the network scan should be done outside of normal business hours or performed on a ClearPass node that is not servicing core authentications. Depending on the number of devices associated with the seed device, a complete scan can take more than an hour. Running a network scan on seed devices is a time- and resource-consuming operation. You can go to those devices and see their neighbor devices. The network discovery scan will proceed to the network depth specified by the Scan Depth parameter (described in below). When you initiate a network scan and specify the seed devices, network discovery uses SNMP to:įind any other devices connected to the seed devices.ĬlearPass uses that information to detect more devices in the network. Seed devices are the initial IP addresses provided by the network administrator to start the network scan. Review the set of discovered devices and view the connected endpoints and neighbors (see Monitoring Discovered Devices). 3.Īfter running a network scan, import the discovered network devices into ClearPass (see Monitoring Discovered Devices). The Domain/WMI, SNMP, and SSH credentials are used during a network scan or a subnet scan to profile Windows servers and machines (WMI credentials), Linux servers and machines (SSH credentials), and network devices (SNMP). For details, see:Ĭonfiguring the Networks/Subnets for WMI Scan TypeĬonfiguring the Networks/Subnets for SNMP Scan TypeĬonfiguring the Networks/Subnets for SSH Scan Type For details, see Adding External Accounts.Īdd the scan configurations (Domain/WMI, SNMP, or SSH) needed to query all the devices in the target network. Network Scan High-Level Tasks Network Scan High-Level TasksĬonfiguring Network Scan operations consist of these major tasks: 1.Ĭreate the external accounts of Domain/WMI, SNMP, or SSH type for network hosts and devices. This section provides the following information: Open topic with navigation Configuring Network Scans and Subnet Scans Configuring Network Scans and Subnet Scans
0 Comments
Leave a Reply. |